cleantalk
Vulnerabilities and Security Researches

Able Player, accessible HTML5 media player, CVE-2025-46475

CVE, Research URL

CVE-2025-46475

Home page URL

Security reports for Able Player, accessible HTML5 media player

Application

Able Player, accessible HTML5 media player

Published on
Apr 24, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in terrillthompson Able Player allows DOM-Based XSS. This issue affects Able Player: from n/a through 1.2.1.
Affected versions
Min -, max 1.2.1.
Status
vulnerable
Previous vulnerability researches
Advanced Linked Variations for Woocommerce (CVE-2025-46244) , Apr 23, 2025
Linked Variation for WooCommerce (CVE-2024-48047) , Oct 18, 2024
New vulnerability
Control Listings – Classifieds Ads Directory Portal Manager (CVE-2025-46234) , Apr 26, 2025
WordPress Tooltip (CVE-2025-46532) , Apr 26, 2025
Business Contact Widget (CVE-2025-46529) , Apr 26, 2025
Drop Caps (CVE-2025-46495) , Apr 26, 2025
WpZon – Amazon Affiliate Plugin (CVE-2025-46506) , Apr 26, 2025